aijaz802 Sat, 03/01/2008 - 21:56

Hi Vijay,


VLAN1 carries certain traffic (CDP, PAgP, DTP, VTP, etc.) used by the switches. It's also the default VLAN for all the switch ports. So the idea is not to use it for anything else. No compelling reason other than let's keep traffic that has to traverse VLAN 1 from mixing with user traffic, and it also improves security to a certain extent.



Pls. go thru this link for detailed info..


http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml


Pls. rate if it helps..


HTH


*aijaz*
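
As an added illustration (not part of the original posts): a small Python check that flags active access ports still sitting in VLAN 1, the default for every switch port, in an IOS-style configuration. The sample configuration and the function name `ports_in_vlan1` are constructed for this example.

```python
import re

# Constructed sample of an IOS-style configuration (not taken from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet0/2
 switchport mode access
!
interface GigabitEthernet0/3
 switchport mode access
 switchport access vlan 1
!
interface GigabitEthernet0/4
 switchport mode trunk
!
interface GigabitEthernet0/5
 shutdown
!
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
!
"""

def ports_in_vlan1(config):
    """Return {interface: reason} for active access ports whose access VLAN is 1."""
    findings = {}
    # A stanza is an "interface" line followed by its indented sub-commands.
    for m in re.finditer(r"^interface (\S+)\n((?:[ \t]+.*\n)*)", config, re.M):
        name = m.group(1)
        cmds = [line.strip() for line in m.group(2).splitlines()]
        if name.lower().startswith("vlan"):
            continue  # SVI (routed VLAN interface), not a switch port
        if {"shutdown", "switchport mode trunk", "no switchport"} & set(cmds):
            continue  # disabled, trunk, or routed ports are out of scope here
        vlan = next((c.split()[-1] for c in cmds
                     if c.startswith("switchport access vlan ")), None)
        if vlan is None:
            findings[name] = "no access VLAN configured, defaults to VLAN 1"
        elif vlan == "1":
            findings[name] = "explicitly assigned to VLAN 1"
    return findings

if __name__ == "__main__":
    for port, reason in ports_in_vlan1(SAMPLE_CONFIG).items():
        print(f"{port}: {reason}")
```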

pbvijay1223 Sun, 03/02/2008 - 03:43

Thank you Soo Aijaz. It was really helpful information.

robert.horrigan Sat, 03/01/2008 - 22:52

Years ago, before there was any great switch hardening (STP, trunking), we liked to change the default management and user VLANs to another number for security reasons. Now it's not such a huge deal, as there are other mechanisms to prevent other devices from impacting the network; however, this practice is still carried today... just because we like to change the defaults, I guess.
